Definitely.I'm not @dak180, but I'd put Cloudflare at the top of the list (as apparently you folks did as well, it's one of only two others (in addition to Route53) that you've as yet put into SCALE). It's one of the most popular DNS hosts at least in the SOHO/SMB environment, which is no surprise since their DNS service is free and they have a robust API. If you're going to be getting a cert using DNS validation, Cloudflare is probably the most widely-recommended DNS host for that purpose.
And you've already done the work and testing to integrate it, so...
If you desperately need it, please explain why.. and add a NAS ticket.Porkbun is a popular alternative
If you desperately need it, please explain why.. and add a NAS ticket.
ACME DNS would be a start, because it's more or less standard and self-hosted. There's even a FreeBSD package for it that can easily be run in a jail. (I created the portEach one requires work and testing, so we would prefer the must-have list. Which one do each of you specifically need?
I am confident this one will be fixed by simple shipping the versionof bhyve that is an integral part of FreeBSD 13.3.Bhyve with Ubuntu keeps locking up
I am using elliptic curve with TN 13 without issues.Support better than ssh-rsa keys: <https://ixsystems.atlassian.net/browse/NAS-109023>
My absolute #1 request:
Bhyve with Ubuntu keeps locking up
<https://ixsystems.atlassian.net/browse/NAS-122108>
(I went as far as rebuilding bhyve from source to get this fix from upstream.)
@morganL can the ticket please please be reopened so it's not lost / forgotten.
Yeah, depending which exact version of FreeBSD they pick. The ticket has details about this.I am confident this one will be fixed by simple shipping the versionof bhyve that is an integral part of FreeBSD 13.3.
The info is all in the NAS-122108 ticket already.Any chance you can review the nightlies or look at the FreeBSD 13.3 source for the fixes?
Sorry, I should have said:I am using elliptic curve with TN 13 without issues.
Each one requires work and testing, so we would prefer the must-have list. Which one do each of you specifically need?
Not really. Because every DNS provider has its own set of credentials, and that means a different web form, making sure it sets all the appropriate variables, input validation, etc. Repeat x 150 or so to cover all of them.Would it not be simpler to just incorporate acme.sh?
I'm not so sure about that. I think it's largely abstracted by acme.sh. pfSense manages it without needing 150 different UIs: https://docs.netgate.com/pfsense/en/latest/packages/acme/certificate.htmlNot really. Because every DNS provider has its own set of credentials, and that means a different web form, making sure it sets all the appropriate variables, input validation, etc. Repeat x 150 or so to cover all of them.
We want to know which ones are required....so we can decide how we could handle.I'd like to see EasyDNS support. Why? Because that's the DNS provider I use.
pfsense, also based on FreeBSD, supports acme.sh, which I think is a great way to get support for a lot of different providers.
Do you really want new tickets created for each different provider? NAS-115350 already has 28 upvotes.
I vote for at least one self-hosted provider for which I suggest acme-dns as the natural choice.We want to know which ones are required....so we can decide how we could handle.
The docs pages don't give much detail (who needs screen shots, anyway?), but they make it sound like that's exactly what they do.pfSense manages it without needing 150 different UIs:
CF_Token="Y_jpG9AnfQmuX5Ss9M_qaNab6SQwme3HWXNDzRWs" CF_Zone_ID="763eac4f1bcebd8b5c95e9fc50d010b4"
dns_cf
for this example). But that makes the dependency on the third-party tool explicit, and sends the user to the acme.sh docs to figure out what to enter. Not the best UX.